AMENDMENTS 

In the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 



Listing of Claims 

1 . (Original) A method for detecting unauthorized hardware devices in a local 
area network, comprising steps of: 

scanning ports of a plurality of hardware devices to retrieve MAC addresses 
thereof; 

filtering an uplink port on each of the hardware devices to acquire a first MAC 
address list; 

calculating the number of MAC addresses of the filtered ports to acquire a 

second MAC address list; and 
subtracting the number of ports with more than two MAC addresses on the first 

MAC address list from the number of ports with more than two MAC 

addresses on the second MAC address list, thereby obtaining at least one 

unauthorized MAC address. 



2. (Original) The method as claimed in claim 1 , further comprising steps of: 
comparing the MAC addresses of the unauthorized hardware devices with MAC 
addresses in a routing entry table to obtain Internet Protocol (IP) 
addresses of the unauthorized hardware devices; and 
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acquiring user information for the unauthorized hardware devices by SNMP or 
WINS services in accordance with the IP address of the unauthorized 
hardware devices. 

3. (Original) The method as claimed in claim 1 , wherein in the scanning step, 
the ports of the authorized hardware devices are recursively scanned by one of the 
authorized network devices. 

4. (Original) The method as claimed in claim 1 , wherein in the scanning step, 
the MAC addresses of authorized hardware devices are stored in a database. 

5. (Original) The method as claimed in claim 1 , wherein in the scanning step, 
the ports of authorized network devices are scanned by simple network management 
protocol. 

6. (Original) The method as claimed in claim 1 , wherein a simple network 
management protocol is used in the calculating step. 

7. (Original) A system for detecting unauthorized hardware devices in a local 
area network, comprising: 

a device detection unit for scanning a plurality of ports of a plurality of hardware 
devices to retrieve MAC addresses thereof, filtering an uplink port of each 
hardware device to acquire a first MAC address list, and calculating the 
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number of MAC addresses of the ports of the network devices to acquire 
a second MAC address list; and 
a device processing unit, coupled with the device detection unit, for subtracting 
the number of ports with more than two MAC addresses on the first MAC 
address list from the number of ports with more than two MAC addresses 
on the second MAC address list, thereby obtaining at least one 
unauthorized MAC address. 

8. (Original) The system as claimed in claim 7, wherein the device 
processing unit compares the MAC addresses of the unauthorized hardware devices 
with MAC addresses in a routing entry table to obtain Internet Protocol (IP) addresses of 
unauthorized hardware devices, and acquire user information of the unauthorized 
hardware devices by SNMP or WINS services. 

9. (Original) The system as claimed in claim 7, wherein the device detection 
unit recursively scans the ports of the hardware devices. 

10. (Original) The system as claimed in claim 7, wherein the device detection 
unit stores the MAC addresses of the hardware devices in a database. 

1 1 . (Original) The system as claimed in claim 7, wherein the device detection 
unit scans the ports of the network devices by simple network management protocol. 
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12. (Original) A storage medium containing a stored computer program 
providing a method for detecting unauthorized hardware devices, comprising using a 
computer to perform the steps of: 

scanning a plurality of ports of a plurality of hardware devices to retrieve MAC 
addresses thereof; 

filtering an uplink port of each hardware device to acquire a first MAC address 
list; 

calculating the number of MAC addresses of the ports of the network devices to 

acquire a second MAC address list; and 
subtracting the number of ports with more than two MAC addresses on the first 

MAC address list from the number of ports with more than two MAC 

addresses on the second MAC address list, thereby obtaining at least one 

unauthorized MAC address. 

1 3. (Original) The storage medium as claimed in claim 1 2, further comprising 
steps of: 

comparing the MAC addresses of the unauthorized hardware devices with MAC 

addresses in a routing entry table to obtain Internet Protocol (IP) 

addresses of unauthorized hardware devices; and 
acquiring user information of the unauthorized hardware devices by SNMP or 

WINS services in accordance with the IP address of the unauthorized 

hardware devices. 
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14. (Original) The storage medium as claimed in claim 12, wherein the ports 
of the hardware devices are recursively scanned by one of the authorized network 
devices. 

15. (Original) The storage medium as claimed in claim 12, wherein the MAC 
addresses of the hardware devices are stored in a database. 

16. (Original) The storage medium as claimed in claim 12, wherein the ports 
of the network devices are scanned by simple network management protocol. 
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